질문

All FSMO roles placed in Primary domain controller.Now,i saw one event related NTDS.DIT database corruption on my primary domain controller and "ntds.dit" have lock symbol in my primary domain controller and "ntds.dit" without lock symbol in additional
domain controller. primary domain controller previously restored from system state backup on january-04-2012. what can i do for rectify the database corruption error? please must see the attached screen captures in skydrive. please suggest me. Thanks in advance..

Have you checked the directory service event log for any warning or errors. Also ensure that ntds/sysvol folder is excluded from AV scan.You can check the integrity of AD database refer below link:http://support.microsoft.com/kb/258062

For performing semantic analysis, you can refer link posted by Meinolf, but my question is did you exclude AD database from scanning by antivirus software, if not for future exclude Sysvol and Ntds folder from scanning to avoid corruption due to locking
of the file during scan.

You can also consider, performing offline defragmentation, might help you by rearranging the indices.

From the repadmin the replsum output there is no replication issue between the DC also the dcdiag does not report any error beside warning message related to HDD.An error was detected on device \Device\Harddisk2\DR8 during a paging operation on server
MASCRP1XVDP1.Please check the system event log for the same for details erorr.Have a look at below link this may be helpful.http://www.eventid.net/display.asp?eventid=51&eventno=793&source=Disk&phase=1

You mentioned that you have configured authorative and then you mentioned
How can I make my PDC as authoritative time server?

Anyways ensure that below parameters are set correctly on PDC server.

Make sure that below parameters are set correctly on PDC Server.
1.Change the server type to NTP
2.Set AnnounceFlags to 5
3.Enable NTPServer
4.Specify the time sources.eg time.windows.com,0x1
5Configure other paratmeters as well.

normally there is no need to modify the registry in detail about setting the time configuration. w32tm from the command line is everything you need by default. Or do you have that much specific requirements to configure the time for your domain?

"Many of the values in the W32Time section of the registry are used internally by W32Time to store information.
These values should not be manually changed at any time. Do not modify any of the settings in this section unless you are familiar with the setting and are certain that the new value will work as expected. The following registry entries are located
under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\"

Today we had power down issue in my office. that time ADC only working,PDC went to down.PDC holds all FSMO roles,GC,DNS server. but that time no cname records working in LAN.After powering up the PDC all cname records are working.I need your support.I attached
screenshots in skydrive. please have a look on this and suggest me.

From the log the IP address 203.145.184.13 and 203.145.184.32 could not be resolved,ensure that it is correct forwarder since in dns forwarder its showing A timeout occured during....If it is not required remove the same and run the test again.

Thanks for the reply. I deleted those two DNS forwarders. still i can see one error related "glue record" of old domain controller.

mascrp1xvdp2.medallcorp.in and mascrp1vx1.medallcorp.in are old demoted domain controller entries. How can i resolve the "Glue record error" associated with mascrp1vx1.please see the attached screenshots in skydrive.